Basic Question re Security issue
Alan Clegg
Alan_Clegg at isc.org
Sat Jul 26 13:02:08 UTC 2008
Alan Clegg wrote:
> Skeeve Stevens wrote:
>> After we have the latest safe code, what config changes should we be making
>> for everything to be ok?
>
> You mean to not break what the patch fixed?
>
> make sure you don't have a:
>
> udp-source port XX;
>
> in your config. And make sure your servers are not behind NAT devices
> that remove the randomness that you have now gained on your outbound
> queries.
And yes, it was too late and I'd been working too many hours when I
wrote the above... of course it is:
query-source port XX;
AlanC
More information about the bind-users
mailing list